<%@ Page Language="C#" Title="ShowContexts" %>

<%@ Import Namespace="System.Security.Principal" %>
<%@ Import Namespace="System.Web.Configuration" %>
<%@ Import Namespace="System.Collections.Generic" %>
<%@ Import Namespace="System.Reflection" %>
<%@ Import Namespace="System.Security.Cryptography.X509Certificates" %>
<%@ Import Namespace="System.Threading" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<script runat="server">

    protected void Page_Load(object sender, EventArgs e)
    {
        _getConfigSettings();
        _getIdentities();
        _getRoles();
        //GetRoles();
    }

    protected void _getIdentities()
    {
        // New overload in Whidbey to check if we are impersonating
        WindowsIdentity thread = WindowsIdentity.GetCurrent(true);
        if (thread == null)
            _thread.Text = "not impersonating";
        else
            _thread.Text = thread.Name;

        if (Context.User.Identity.IsAuthenticated == true)
        {
            _context.Text = Context.User.Identity.Name;
            _contextMode.Text = Context.User.Identity.AuthenticationType;
        }
        else
        {
            _context.Text = "anonymous";
            _contextMode.Text = "anonymous";
        }

        if (Thread.CurrentPrincipal != null)
        {
            string tcpTypes = "";

            if (Thread.CurrentPrincipal.Identity != null)
            {
                _tcp.Text = Thread.CurrentPrincipal.Identity.Name;
                tcpTypes = Thread.CurrentPrincipal.Identity.GetType().FullName;
                _tcpMode.Text = Thread.CurrentPrincipal.Identity.AuthenticationType;
            }

            tcpTypes = Thread.CurrentPrincipal.GetType().FullName + " / " + tcpTypes;
            _tcpTypes.Text = tcpTypes;
        }

        _contextTypes.Text = String.Format("{0} / {1}",
            Context.User.GetType(),
            Context.User.Identity.GetType());

        if (Request.ClientCertificate.IsPresent)
        {
            X509Certificate2 cert = new X509Certificate2(Request.ClientCertificate.Certificate);
            _clientCertUpn.Text = cert.GetNameInfo(X509NameType.UpnName, false);
            _clientCert.Text = Request.ClientCertificate.Subject;
        }

        // RevertToSelf
        WindowsIdentity.Impersonate(IntPtr.Zero);
        _process.Text = WindowsIdentity.GetCurrent().Name;

        _IisIdentity.Text = Request.LogonUserIdentity.Name;
    }

    protected void _getConfigSettings()
    {
        // get config sections
        AuthenticationSection auth = (AuthenticationSection)WebConfigurationManager.GetSection("system.web/authentication");
        IdentitySection identity = (IdentitySection)WebConfigurationManager.GetSection("system.web/identity");
        MembershipSection membership = (MembershipSection)WebConfigurationManager.GetSection("system.web/membership");
        RoleManagerSection role = (RoleManagerSection)WebConfigurationManager.GetSection("system.web/roleManager");
        TrustSection trust = (TrustSection)WebConfigurationManager.GetSection("system.web/trust");

        if (auth.Mode == AuthenticationMode.Windows)
            _authSettings.Text = "Windows";
        else if (auth.Mode == AuthenticationMode.Forms)
            _authSettings.Text = "Forms";

        if (identity.Impersonate == true)
        {
            if (identity.UserName != string.Empty)
                _impSettings.Text = "application impersonation / impersonating: " + identity.UserName;
            else
                _impSettings.Text = "client impersonation";
        }
        else
            _impSettings.Text = "not set";


        if (role.Enabled == true)
            _roleProvider.Text = Roles.Provider.GetType().ToString();


        if (membership.Providers.Count != 0)
            _membershipProvider.Text = Membership.Provider.GetType().ToString();

        _trust.Text = trust.Level;
    }

    protected void _getRoles()
    {
        string[] roles = null;

        if (Context.User.Identity.IsAuthenticated == true)
        {
            if (Context.User is WindowsPrincipal)
            {
                List<string> groups = new List<string>();
                IdentityReferenceCollection irc = ((WindowsIdentity)Context.User.Identity).Groups.Translate(typeof(NTAccount));
                foreach (NTAccount acc in irc)
                {
                    groups.Add(acc.Value);
                }
                roles = groups.ToArray();
            }
            else if (Context.User is RolePrincipal)
            {
                try
                {
                    roles = ((RolePrincipal)Context.User).GetRoles();
                }
                catch (Exception ex)
                {
                    roles = new string[] { "<b>error fetching roles using RolePrincipal</b>", ex.ToString() };
                }
            }
            else if (Context.User is GenericPrincipal)
            {
                Type t = Context.User.GetType();
                FieldInfo f = t.GetField("m_roles", BindingFlags.Instance | BindingFlags.NonPublic);
                roles = (string[])f.GetValue(Context.User);
            }

            if (roles != null && roles.Length != 0)
            {
                _roles.Text = string.Join("<br>", roles);
            }
        }
    }

    protected void GetRoles()
    {
        string[] roles = null;
        
        roles = Roles.GetRolesForUser("Admin");

        if (roles != null && roles.Length != 0)
        {
            _roles.Text = string.Join("<br>", roles);
        }
    }

    protected void _btnSaveConfig_Click(object sender, EventArgs e)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~");
        config.SaveAs(_txtConfig.Text, ConfigurationSaveMode.Full, true);
    }
</script>

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="Head1" runat="server">
    <title>ShowContexts</title>
</head>
<body style="font-family: Arial">
    <form id="form1" runat="server">
        <div>
            <h1>
                <span style="color: maroon">ShowContexts (taken from www.leastprivilege.com)</span></h1>
            <br />
            <h2>
                <strong><span style="color: maroon">Configuration Settings: </span></strong>
            </h2>
            <div style="text-align: left">
                <table border="0">
                    <tr>
                        <td style="width: 20px; height: 21px;">
                        </td>
                        <td style="width: 267px; height: 21px;">
                            <strong>Authentication Mode:</strong></td>
                        <td style="width: 380px; height: 21px;">
                            <asp:Label ID="_authSettings" runat="server"></asp:Label></td>
                    </tr>
                    <tr>
                        <td style="width: 20px; height: 10px;">
                        </td>
                        <td style="width: 267px; height: 10px;">
                            <strong>Impersonation Settings:</strong></td>
                        <td style="width: 380px; height: 10px;">
                            <asp:Label ID="_impSettings" runat="server" /></td>
                    </tr>
                    <tr>
                        <td style="width: 20px">
                        </td>
                        <td style="width: 267px">
                            <strong>Membership Provider:</strong></td>
                        <td style="width: 380px">
                            <asp:Label ID="_membershipProvider" runat="server" /></td>
                    </tr>
                    <tr>
                        <td style="width: 20px">
                        </td>
                        <td style="width: 267px">
                            <strong>Role Provider:</strong></td>
                        <td style="width: 380px">
                            <asp:Label ID="_roleProvider" runat="server" /></td>
                    </tr>
                    <tr>
                        <td style="width: 20px">
                        </td>
                        <td style="width: 267px">
                            <strong>Trust Level:</strong></td>
                        <td style="width: 380px">
                            <asp:Label ID="_trust" runat="server" /></td>
                    </tr>
                </table>
            </div>
            <br />
            <h2>
                <strong><span style="color: maroon">Identity Information: </span></strong>
            </h2>
            <table border="0">
                <tr>
                    <td style="width: 20px; height: 21px;">
                    </td>
                    <td style="width: 267px; height: 21px;">
                        <strong>Process Identity:</strong></td>
                    <td style="width: 380px; height: 21px;">
                        <asp:Label runat="server" ID="_process" /></td>
                </tr>
                <tr>
                    <td style="width: 20px; height: 10px;">
                    </td>
                    <td style="width: 267px; height: 10px;">
                        <strong>Thread Identity:</strong></td>
                    <td style="width: 380px; height: 10px;">
                        <asp:Label runat="server" ID="_thread" /></td>
                </tr>
                <tr>
                    <td style="width: 20px">
                    </td>
                    <td style="width: 267px">
                        <strong>Context.User</strong></td>
                    <td style="width: 380px">
                        <asp:Label runat="server" ID="_context" /></td>
                </tr>
                <tr>
                    <td style="width: 20px; height: 21px;">
                    </td>
                    <td style="width: 267px; height: 21px;">
                        <strong>Thread.CurrentPrincipal</strong></td>
                    <td style="width: 380px; height: 21px;">
                        <asp:Label ID="_tcp" runat="server"></asp:Label></td>
                </tr>
                <tr>
                    <td style="width: 20px; height: 21px;">
                    </td>
                    <td style="width: 267px; height: 21px;">
                        <strong>IIS Authentication Identity</strong></td>
                    <td style="width: 380px; height: 21px;">
                        <asp:Label ID="_IisIdentity" runat="server" /></td>
                </tr>
                <tr>
                    <td style="width: 20px; height: 21px;">
                    </td>
                    <td style="width: 267px; height: 21px;">
                        <strong>Client Certificate Subject</strong></td>
                    <td style="width: 380px; height: 21px;">
            <asp:Label ID="_clientCert" runat="server" Text="None" /></td>
                </tr>
                <tr>
                    <td style="width: 20px; height: 21px;">
                    </td>
                    <td style="width: 267px; height: 21px;">
                        <strong>Client Certificate UPN</strong></td>
                    <td style="width: 380px; height: 21px;">
                        <asp:Label ID="_clientCertUpn" runat="server" /></td>
                </tr>
            </table>
            <br />
            <h2>
                <span style="color: #800000">Type Information:</span></h2>
            <table border="0">
                <tr>
                    <td style="width: 20px; height: 21px;">
                    </td>
                    <td style="width: 267px; height: 21px;">
                        <strong>Context IPrincipal / IIdentity:</strong></td>
                    <td style="width: 380px; height: 21px;">
                        <asp:Label runat="server" ID="_contextTypes" /></td>
                </tr>
                <tr>
                    <td style="width: 20px; height: 10px;">
                    </td>
                    <td style="width: 267px; height: 10px;">
                        <strong>Context Authentication Type:</strong></td>
                    <td style="width: 380px; height: 10px;">
                        <asp:Label runat="server" ID="_contextMode" /></td>
                </tr>
                <tr>
                    <td style="width: 20px">
                    </td>
                    <td style="width: 267px">
                        <strong>Thread.CurrentPrincipal
                            <br />
                            IPrincipal / IIdentity type:</strong></td>
                    <td style="width: 380px">
                        <asp:Label runat="server" ID="_tcpTypes" /></td>
                </tr>
                <tr>
                    <td style="width: 20px">
                    </td>
                    <td style="width: 267px">
                        <strong>Thread.CurrentPrincipal&nbsp;<br />
                            Authentication Type:</strong></td>
                    <td style="width: 380px">
                        <asp:Label ID="_tcpMode" runat="server" /></td>
                </tr>
            </table>
            <strong>
                <br />
            </strong>
            <h2>
                <span style="color: maroon">Roles:</span></h2>
            <asp:Label ID="_roles" runat="server" Text="not available" />
            <br />
            <br />
            Save aggregated web.config to:
            <asp:TextBox ID="_txtConfig" runat="server"></asp:TextBox>&nbsp;<asp:Button ID="_btnSaveConfig"
                runat="server" OnClick="_btnSaveConfig_Click" Text="Save" /></div>
    </form>
</body>
</html>
